Opened 5 years ago

Closed 5 years ago

#1746 closed defect (invalid)

websocket response 302 error

Reported by: larryluo64@… Owned by:
Priority: minor Milestone:
Component: other Version: 1.15.x
Keywords: map $http_upgrade $connection_upgrade { default upgrade; '' close; } upstream websocket { server 192.168.2.70:8210; } server { listen 80; listen 443 ssl; server_name devm.manjd.com; index index.html index.htm; #ssl on; ssl_certificate /usr/local/nginx/conf/certificate/devm.manjd.com/214949433600661.pem; ssl_certificate_key /usr/local/nginx/conf/certificate/devm.manjd.com/214949433600661.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:20m; if ($scheme != https) { rewrite ^(.*)$ https://$host$1 permanent; } location ^~ /websocket { proxy_pass http://websocket; proxy_redirect off; proxy_set_header X-Real_IP $remote_addr; proxy_set_header Host $host; proxy_set_header X_Forward_For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; } Cc:
uname -a: [root@nginx171 ~]# uname -a
Linux nginx171 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@nginx171 ~]#
nginx -V: nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-http_stub_status_module --add-dynamic-module=/usr/local/src/headers-more-nginx-module-0.33 --with-http_ssl_module --with-http_v2_module
[root@nginx171 ~]

Description

I have deployed websocket protocol in nginx proxy,but websocket response 302 error!please help me,thank you very much.

Change History (2)

comment:1 by larryluo64@…, 5 years ago

following is nginx.conf

#user www;
worker_processes 5;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;

events {

worker_connections 1024;

}

include tcp.conf;

#load_module /usr/local/src/headers-more-nginx-module-0.33;

http {

include mime.types;
default_type application/octet-stream;

log_format main '$host $remote_addr - $server_addr $server_port $status $body_bytes_sent $remote_user [$time_local] $request'

'"$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

sendfile on;
#tcp_nopush on;

#keepalive_timeout 0;
keepalive_timeout 65;

#gzip on;

server {

listen 80;
server_name localhost;
#charset koi8-r;
access_log logs/host.access.log main;

location / {

#add_header Access-Control-Allow-Origin *;
root html;
index index.html index.htm;

}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {

root html;

}


}

include vhosts/*.conf;

}

following is devm_wss.conf (websocket config)

#websocket 需要加下这个
map $http_upgrade $connection_upgrade {

default upgrade;
close;

}

upstream websocket {

server 192.168.2.70:8210;

}

server {

listen 80;
listen 443 ssl ;
server_name devm.manjd.com;
index index.html index.htm;
#ssl on;
ssl_certificate /usr/local/nginx/conf/certificate/devm.manjd.com/214949433600661.pem;
ssl_certificate_key /usr/local/nginx/conf/certificate/devm.manjd.com/214949433600661.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;


if ($scheme != https) {

rewrite (.*)$ https://$host$1 permanent;

}

location ~ /websocket {

proxy_pass http://websocket;
proxy_redirect off;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X_Forward_For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';

}

location /wxauth/ {

proxy_pass http://192.168.10.90:80;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X_Forward_For $proxy_add_x_forwarded_for;

}

location / {

#return 301 https://www.abc.com;
proxy_pass http://192.168.2.70:80;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X_Forward_For $proxy_add_x_forwarded_for;

}

}

comment:2 by Maxim Dounin, 5 years ago

Resolution: invalid
Status: newclosed

For questions, please use mailing lists instead.

Note: See TracTickets for help on using tickets.